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CONTINUATION DATA 

This is a continuation-in-part of co-pending application Serial No. 09/433,818 
titled "A Network Communications Service with an Improved Subscriber Model Using 
5 Digital Certificates" and filed on November 3, 1999, whose inventors are Brett B. Stewart 
and James Thompson. 

BACKGROUND OF THE INVENTION 

10 1. Field of the Invention 

This invention relates generally to network communications, and more 
specifically to a system and method enabling a network infrastructure to support multiple 
network providers and/or customers of multiple network providers. The invention also 
relates to a system and method enabling different access levels within a wired or wireless 

1 5 network system. 

2. Description of the Relevant Art 

Various types of wired and wireless infrastructures are being developed to service 
users of computing devices, such as portable computing devices (PCDs). Currently, 

20 numerous providers are attempting to install wireless network infrastructures in various 
locations, such as airports, hotels, office buildings, etc. for use by various users. 
However, when two or more providers install a wireless network infrastructure in a single 
location, such as an airport, the providers may begin to oversubscribe the RF domain. In 
other words, the electromagnetic spectrum usable by these wireless networks is limited, 

25 and if two or more wireless networks are installed in the same location, this may result in 
inadequate RF bandwidth for use by each of these networks. Currently, only 3 non- 
overlapping RF channels are available for different network providers. Once these 
channels are used, no further bandwidth, or limited bandwidth, may be available for other 
providers. 
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IEEE 802.11 defines the IEEE standard for wireless Ethernet. IEEE 802.11 is 
designed to support multiple overlapping wireless local area networks (LANs) in a given 
coverage area. Each wireless local area network will typically include one or more access 
points which communicate in a wireless fashion with a corresponding computing device 
5 of a user, which typically includes a wireless Ethernet transceiver, IEEE 802.1 1 currently 
uses a System ID (SID) to "select" which LAN to use and which access point with which 
to associate. 

However, due to the problems associated with multiple wireless infrastructures 
installed in a common area, it may be desirable to provide a single wireless (or wireless 

10 and wired) infrastructure which may be used by two or more different network service 
providers. Therefore, it would be desirable to provide a system and method which 
enables a common wireless network infrastructure to be used by two or more network 
service providers. This would allow a plurality of service providers to utilize a common 
set of access points to provide service to a potentially overlapping set of customers. This 

15 would also provide subscribers or users with the ability to more fully utilize the existing 
network infrastructure. It would further be desirable to provide a distributed wireless 
network system which can selectively provide different access levels to users of the 
system. It would further be desirable to provide the above features in a wired network 
service system. 

20 
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SUMMARY OF THE INVENTION 

One embodiment of the present invention comprises a system and method for 
providing access and/or roaming features on a distributed network system. The network 
5 system includes a plurality of access points coupled to a network. The network access 
points include wireless access points and may also include wired access points. Access 
points (APs) for the network may be widely distributed in various facilities, such as 
airports, mass-transit stations, and various businesses, such as business offices, 
restaurants, and stores, e.g., coffee shops or restaurants at an airport. The network may 

10 couple to a wide area network, such as the Internet. A plurality of network providers may 
provide network services, such as Internet access, over the network infrastructure. 

In one embodiment, a user, also referred to as a subscriber, may access the 
network system through a portable computing device (PCD) using, for example, a 
wireless (or wired) network interface card. When in sufficiently close range to an access 

15 point, the PCD may wirelessly access the network system, or the PCD may be directly 
connected to a wired connection. In one embodiment, the APs are arranged at known 
geographic locations and may provide geographic location information regarding the 
geographic location of the AP or the mobile user. 

Each PCD may store identification information which may uniquely indicate at 

20 least one network provider of a plurality of possible network providers. The 
identification information thus may designate the network provider (or providers) to 
which the user of the PCD is a subscriber. The identification information may take 
various forms, such as a System ID (SID), MAC ID, or other identification which may be 
used to identify the network provider to which the user has subscribed. When the PCD 

25 becomes close to an access point, the PCD may provide the identification information to 
the access point. 

In one embodiment, each of the access points are operable to "listen for" or detect 
identification information, e.g., System IDs, associated with numerous different 
providers. Alternatively, each of the access points may be operable to broadcast requests 

Atty. Dkt. No.: 5285-04800 Page 3 Conley, Rose & Tayon, P.C. 



for identification information, e.g., broadcast recognized System IDs to the PCDs, 
wherein the PCDs may respond to this broadcast by providing the identification 
information. When the access point receives the identification information from a PCD 
of a user, the access point may determine the network provider for the portable 
5 computing device using the identification information. Thus, the network system is able 
to recognize and process identification information which identifies any of the plurality of 
possible network providers. In one embodiment, the APs answer all queries from all 
PCDs, even if the identification information from the PCD does not match the 
information available to that particular AP, e.g., even if an unknown SID is received. 

1 o In one embodiment, the network system may include a memory medium which 

stores a list of identification information that maps to a corresponding list of the plurality 
of possible network providers. The memory medium may be comprised in one or more 
of, or all of, the access points, or may be comprised in one or more other devices 
connected to the network, such as a computer system. In this embodiment, determining 

] 5 the network provider for the portable computing device includes accessing the memory 
medium and using the received identification information to determine the network 
provider. For example, the access point or other device may use the received System ID 
to index into a table to determine the appropriate network provider. 

The memory medium may also store associated access information. For each of 

20 the network providers, the access information may include access methods for providing 
user data to the respective network provider, such as a destination IP address of the 
network provider. The appropriate access method may be used based on the identification 
information and/or the determined network provider. Thus, the identification information 
may be used to determine the appropriate provider as well as be used to automatically 

25 route network packets or data from/to that PCD to the appropriate provider. 

The access information stored on the memory medium may also include an access 
level which indicates the user's access rights or privilege level. Thus, the local network 
may provide various local resources which are available to all users regardless of access 
level, and users with a higher access level may in addition be entitled to Internet access. 
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In other environments, all users may receive Internet access, and users with a lower 
access level may not be entitled to view or utilize certain or all local network resources on 
the network. Thus, depending on the access level, the user may be simply provided 
solely with external Internet access, or only local network access, or may be provided 
5 with no network services. The access level may also possibly depend on the known 
geographic location of the AP or the user. For example, the access level for each user 
may vary depending on the known geographic location of the AP to which the user is 
currently associated. 

In one embodiment, one or more of the network provider ID and the access 

1 0 information may be provided by the PCD of the user. Thus, an access point or other 
device on the network may not be required to perform a look-up to determine this 
information, but rather this information may be provided by the PCD. 

When the portable computing device communicates with the access point, the 
network access may be provided to the portable computing device through the determined 

15 network provider. For example, the access point may provide the data to a destination 
based on or specified by the determined network provider, e.g., may provide or route the 
data to the determined network provider's site, e.g., to equipment provided by the 
network provider. The network provider may then provide Internet access and/or provide 
other network services. The network provider will also typically charge a fee for this 

20 service. The access point preferably provides the data to the destination in a secure 
manner to prevent the data from being unintentionally provided to third parties, such as 
other providers. 

Thus the network system is useable by subscribers of each of the plurality of 
possible network providers, thereby enabling subscribers to "roam" on various networks, 
25 including networks maintained by other providers. For example, the plurality of access 
points may be maintained by a first network provider, and a subscriber of a second 
network provider may be recognized and allowed use of the network. Alternatively, the 
plurality of access points may be maintained by an independent third party, and 
subscribers of any of various network providers may be recognized and allowed use of 
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the network. Network providers may charge subscribers for access regardless of who 
operates or maintains the network. In addition, the network system may selectively 
provide different access levels to network resources depending on the access or privilege 
level of the user. This allows visitors or non-members of a network system to be allowed 
certain network services, such as Internet access, without compromising other private 
network resources. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

Other objects and advantages of the invention will become apparent upon reading 
5 the following detailed description and upon reference to the accompanying drawings in 
which: 

Figure 1 is a block diagram of one embodiment of a wireless network system; 

Figure 2 is a more detailed block diagram of one embodiment of the wireless 
network system of Figure 1; 
10 Figure 3 is a block diagram of another embodiment of the wireless network 

system of Figure 1; 

Figure 4 is a flowchart diagram illustrating operation of allowing access to a 
wireless network system using a roaming model; 

Figure 5 illustrates an example of a data structure which stores network provider 
15 and access information; and 

Figure 6 illustrates selectively allowing access to a wireless network system using 
various access levels. 

While the invention is susceptible to various modifications and alternative forms, 
20 specific embodiments thereof are shown by way of example in the drawings and will 
herein be described in detail. It should be understood, however, that the drawings and 
detailed description thereto are not intended to limit the invention to the particular form 
disclosed, but on the contrary, the intention is to cover all modifications, equivalents and 
alternatives falling within the spirit and scope of the present invention as defined by the 
25 appended claims. 
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DETAILED DESCRIPTION OF THE EMBODIMENTS 



Incorporation by Reference 
5 U.S. Patent No. 5,835,061, titled "Method and Apparatus for Geographic-Based 

Communications Service", whose inventor is Brett B. Stewart, is hereby incorporated by 
reference in its entirety as though fully and completely set forth herein. 

U.S. Patent No. 5,969,678, titled "System for Hybrid Wired and Wireless 
Geographic-Based Communications Service", whose inventor is Brett B. Stewart, is 
10 hereby incorporated by reference in its entirety as though fully and completely set forth 
herein. 

U.S. Patent Application Serial No. 09/433,817 titled "Geographic Based 
Communications Service" and filed on November 3, 1999, whose inventors are Brett B. 
Stewart and James Thompson, is hereby incorporated by reference in its entirety as 
15 though fully and completely set forth herein. 

U.S. Patent Application Serial No. 09/433,818 titled "A Network 
Communications Service with an Improved Subscriber Model Using Digital Certificates" 
and filed on November 3, 1999, whose inventors are Brett B. Stewart and James 
Thompson, is hereby incorporated by reference in its entirety as though fully and 
20 completely set forth herein. 

U.S. Patent Application Serial No. titled "System and Method 

for Managing User Demographic Information Using Digital Certificates" and filed on 
April 18, 2000, whose inventors are Brett B. Stewart and James Thompson, is hereby 
incorporated by reference in its entirety as though fully and completely set forth herein. 

25 

Figure 1 - Network Communication System 

Figure 1 shows one embodiment of a distributed network communication system 
100. The network system 100 may include one or more access points 120, preferably a 
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plurality of access points 120. At least a subset of the access points 120 are wireless 
access points (APs) 120 which communicate with a portable computing device (PCD) 
110 in a wireless fashion. Each wireless access point (AP) 120 may have a wireless 
connection or transceiver (e.g., an antenna) and may operate according to various wireless 
5 standards, such as wireless Ethernet (IEEE 802. 1 1). One or more of the access points 120 
may also be wired access points which communicate with a portable computing device 
1 1 0 in a wired fashion. 

Each AP 120 may be coupled to a network 130. The network 130 may comprise a 
wired network, a wireless network or a combination of wired and wireless networks. For 
10 example, the network 130 may be a standard "wired" Ethernet network which connects 
each of the wireless (and wired) access points 120 together. The network 130 may also 
be a wireless network based on IEEE 802.11. The network 130 may form part of the 
Internet, or may couple to other networks, e.g., other local or wide area networks, such as 
the Internet. 

15 The network 130 may also include or be coupled to other types of 

communications networks, (e.g., other than the Internet) such as the public switched 
telephone network (PSTN), whereby a user using PCD 110 may send and receive 
information from/to the PSTN or other communication network through a network 
provider. The network 130 may also include, or be coupled to, another wide area 

20 network 130, such as a proprietary WAN. The network 130 thus may be, or be coupled 
to, any of various wide area networks (WANs) or local area networks (WANs), including 
the Internet. 

The access points (APs) 120 may be widely distributed in various facilities, such 
as airports, mass-transit stations, shopping malls, restaurants and other businesses, such 
25 as business offices, law firm offices, retail stores, etc. For example, where the access 
points 120 are distributed in an airport, one or more access points 120 may be distributed 
throughout various terminals in the airport, in an airline club, and in coffee shops, 
restaurants or rental car counters at the respective airport. The access points 120 may 
thus be primarily designed to service mobile users, wherein it may not be known ahead of 
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time which mobile users will be accessing the network from which locations. Thus the 
network system 100 is preferably a distributed network system, with access points placed 
in locations to service mobile users. This differs from a conventional fixed LAN ? where 
it is generally pre-configured as to which pre-determined users will be using which nodes 
5 in the fixed LAN on a day-to-day basis, and the relative access levels that these pre- 
determined users have is also pre-configured. 

Each access point 120 may comprise information used to identify or select a 
network provider for a particular user, as well as related access information to enable the 
network provider to provide access. When in sufficiently close range to an access point 
10 120, or when the PCD 110 is directly coupled to an access point 120 in a wired fashion, 
the PCD 110 may access the network utilizing a particular network provider, as discussed 
further below. 

A user operating a portable computing device (PCD) 110 may communicate with 
one of the access points 120 to gain access to network services, such as Internet access. 

15 The portable computing device (PCD) 110 may have a wireless communication device, 
e.g., a wireless Ethernet card, for communicating with a wireless access point 120. The 
portable computing device (PCD) 110 may instead have a wired communication device, 
e.g., an Ethernet card, for communicating with a wired access point 120. 

The portable computing device 110 may be any of various types of devices, 

20 including a computer system, such as a portable computer, a personal digital assistant 
(PDA), an Internet appliance, a communications device, or other wired or wireless 
device. The PCD may include various wireless or wired communication devices, such as 
a wireless Ethernet card, paging logic, RF communication logic, a wired Ethernet card, a 
modem, a DSL device, an ISDN device, an ATM device, a parallel or serial port bus 

25 interface, or other type of communication device. 

The PCD 110 preferably includes a memory medium which stores identification 
information indicating a network provider to which the user has subscribed. The 
indicated network provider may be one of a plurality of possible network providers that 
provide Internet access or other network services in a network system such as that shown 
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in Figure 1. The identification information may be a System ID (an 802.1 1 System ED), a 
MAC ID of a wireless Ethernet device comprised in the PCD 110, the name of the 
network provider, or other type of information that uniquely identifies one (or more) 
network providers. The identification information may be contained in a digital 
5 certificate, which may be stored in a web browser or other location of the personal 
computing device 110. 

Where the access point 120 is a wireless access point 120, the wireless 
communication may be accomplished in a number of ways. In one embodiment, PCD 
110 and wireless AP 120 are both equipped with an appropriate transmitter and receiver 
10 compatible in power and frequency range (e.g., 2.4GHz) to establish a wireless 
communication link. Wireless communication may also be accomplished through 
cellular, digital, or infrared communication technologies, among others. To provide user 
identification and/or ensure security, the PCD 110 may use any of various security 
mechanisms. 

15 Where the access point 120 is a wired access point 120, the wired connection may 

be accomplished through a variety of different ports, connectors, and transmission 
mediums. For example, the PCD 110 may be connected through an Ethernet, USB, 
serial, or parallel transmission cables, among others. The PCD 110 may also include 
various communication devices for connecting to the AP 120, such as wired Ethernet 

20 cards, modems, DSL adapters, ATM adapters, IDSN devices, or other communication 
devices. For example, a hotel may have Ethernet connections in the restaurants, shops, 
and guest rooms. An airline club, e.g., an airport Admiral's Club, may also have both 
wireless and wired connections for mobile users. A user may connect to a wired access 
point 120 through the use of a laptop computer (PCD 110), an Ethernet network card, and 

25 a network cable. This connection may have the same impact as a connection made to a 
wireless AP 120 as discussed above. In other words, a user using a wired PCD 110 is 
able to "roam" on various network infrastructures in the same manner as a user using a 
wireless PCD 110. 
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One or more network providers may each have an associated network device 160 
coupled to the network 130. For example, Figure 1 illustrates network devices 160 
associated with three different network providers. The network devices 160 may take any 
of various forms, such as a computer system, router, bridge, etc. It is noted that network 
5 providers may provide network services at a location without being required to locate any 
equipment or bandwidth at a network location. For example, a network provider may 
combine VLANs and IP tunneling to avoid having to locate any equipment or bandwidth 
at a particular network location. 

A user operating a portable computing device 110 will typically have previously 

10 subscribed with one (or more) network providers. Examples of network providers 
include Wayport, MobileStar and Softnet, among others. As discussed further below, 
when the PCD 110 of a user communicates with an AP 120, the respective network 
provider to which the user is subscribed is determined. If no previous affiliation with a 
network provider is detected, a default network provider may be selected. After the 

15 network provider is determined or selected, network access or services may be provided 
through that network provider. For example, data or packets from the respective PCD 
110 may be routed to a destination designated by the respective network provider, such as 
the respective provider's network device 160. This effectively allows a plurality of 
network providers to each offer access on a common network infrastructure. This also 

20 allows subscribers of various network providers to "roam" on other networks, such as 
networks installed and/or maintained by other providers, or networks maintained by 
independent third parties. 

The network system 100 may also include a management information base (MIB) 
150. The MIB 150 may be a mechanism, such as a memory, which may allow the 

25 persistent storage and management of information needed by network 130 to operate. For 
example, in one embodiment of the invention, the MIB 150 may store a data structure, 
such as a table comprising a list of identification information and a corresponding list of 
the plurality of possible network providers. The data structure may also store access 
information, which may comprise associated methods for providing data to the respective 
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plurality of possible network providers. The access information may further comprise 
access level or privilege level information. Thus, the data structure may comprise a table 
having a plurality of tuples, with each tuple having the identification information, e.g., a 
System ID, the corresponding network provider, and access information containing a 
5 method of access to the provider, possibly including a destination IP address or other 
methodology for accessing the provider's site. In an alternate embodiment, as noted 
above, the data structures which store this information may be comprised in each of the 
access points 120, or may be provided in various other locations. 

As discussed further below, when a portable communication device 110 of a user 

10 begins communication with an access point 120, the network provider for the portable 
computing device 110 may be determined using this data structure. The memory medium 
containing the data structure may be accessed, and received network provider 
identification information from the respective portable computing device 110 may be 
used to index into the data structure or table to determine the network provider. The 

15 appropriate access method may also be accessed and used for enabling the network 
provider to provide network services, e.g., the access method may be used for providing 
the data from the respective portable computing device 110 to the determined network 
provider. Access level information may also be retrieved and used to determine a user's 
access to local network resources or Internet access. 

20 The MIB 150 may store other information, such as a directory of all the elements 

(e.g., APs, PCDs, etc) in the network, the topology of the network, characteristics of 
individual network elements, characteristics of connection links, performance and trend 
statistics, and any information which is of interest in the operation of the network 130. 
For example, the MIB may store the precise longitude, latitude, altitude and other 

25 geographic information pinpointing the location of each access point. 

One or more service providers 140 may also be coupled to the network 130 or 
other networks to which the network 130 is coupled, such as the Internet 170. As used 
herein, the term "service provider" is intended to include various types of service and 
information providers which may be connected to the network 130. The service provider 
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140 may take any of various forms and may provide any of various services or 
information. Each service provider 140 may include one or more computers or computer 
systems configured to provide goods, information, and/or services as appropriate for the 
service provider. The one or more service providers 140 may couple to the network in a 
5 wired or wireless fashion. 

The network communication system 100 may be geographic-based. In other 
words, the network communication system 100 may provide information and/or services 
to the user based at least partly on the known geographic location of the user, e.g., as 
indicated by the access points 120 or as indicated by geographic information (e.g., GPS 

10 information) provided from the PCD 110. In one embodiment, the APs 120 are arranged 
at known geographic locations and may provide geographic location information 
regarding the geographic location of the user or the PCD 110. In another embodiment, 
the PCD 110 may provide geographic location information of the PCD 110 through the 
AP 120 to the network 130. For example, the PCD 110 may include GPS (Global 

15 Positioning System) equipment to enable the PCD 1 10 to provide its geographic location 
through the AP 120 to the network 130, such as to a service provider 140 coupled to the 
network 130. 

Memory Medium and Carrier Medium 

20 One or more of the systems described above, such as PCD 110, access points 120, 

MIB 150, and network providers 160 may include a memory medium on which computer 
programs or data according to the present invention may be stored. For example, each of 
the access points 120 and/or the MIB 150 may store a data structure as described above 
comprising information regarding identification information, corresponding network 

25 providers 160 and access information such as associated data routing methods. Each of 
the access points 120 and/or the MIB 150 may further store a software program for 
accessing these data structures and using the information therein to properly provide or 
route data between users (subscribers) and their corresponding network providers, or to 
selectively provide or route data depending on the access information. 
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The term "memory medium" is intended to include various types of memory or 
storage, including an installation medium, e.g., a CD-ROM, or floppy disks 104, a 
random access memory or computer system memory such as DRAM, SRAM, EDO 
RAM, Rambus RAM, EPROM, EEPROM, flash memory etc., or a non-volatile memory 
5 such as a magnetic media, e.g., a hard drive, or optical storage. The memory medium 
may comprise other types of memory as well, or combinations thereof. In addition, the 
memory medium may be located in a first computer in which the programs are executed, 
or may be located in a second different computer which connects to the first computer 
over a network. In the latter instance, the second computer provides the program 

10 instructions to the first computer for execution. The memory medium may also be a 
distributed memory medium, e.g., for security reasons, where a portion of the data is 
stored on one memory medium and the remaining portion of the data may be stored on a 
different memory medium. Also, the memory medium may be one of the networks to 
which the current network is coupled, e.g., a SAN (Storage Area Network). 

15 Also, each of the systems described above may take various forms, including a 

personal computer system, mainframe computer system, workstation, network appliance, 
Internet appliance, personal digital assistant (PDA), television system or other device. In 
general, the term "computer system" can be broadly defined to encompass any device 
having a processor which executes instructions from a memory medium. 

20 The memory medium in one or more of the above systems thus may store a 

software program or data for performing or enabling roaming or selective network 
resource access within a network system 100. A CPU or processing unit in one or more 
of the above systems executing code and data from a memory medium comprises a means 
for executing the software program according to the methods or flowcharts described 

25 below. 

Various embodiments further include receiving or storing instructions and/or data 
implemented in accordance with the present description upon a carrier medium. Suitable 
carrier media include memory media as described above, as well as signals such as 
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electrical, electromagnetic, or other forms of analog or digital signals, conveyed via a 
communication medium such as networks and/or a wireless link. 

Figure 2 

5 Figure 2 is a more detailed block diagram illustrating a portion of the wireless 

network system of Figure 1. Figure 2 illustrates an embodiment having three access 
points 120 which each couple through a respective VLAN, labeled VLAN1, VLAN2 and 
VLAN3. Each of VLAN1, VLAN2 and VLAN3 in turn couple to respective routers 160, 
labeled router A, router B and router C, which are provided by the respective network 

10 providers A, B and C respectively. These routers in turn couple to the Internet. As 
shown, one or more access controllers, e.g., computer systems configured to determine or 
control network service access, may be provided for each of the network providers. The 
access controllers operate to verify user or subscriber access to the respective provider's 
network. Figure 2 illustrates access controller A, access controller B and access 

15 controller C. As shown, access controllers A and B are coupled to router A and router B 
respectively. However, the access controller may be located outside of the local network 
130, e.g., may be comprised on any of various locations on the Internet, as shown with 
respect to access controller C. 

In this embodiment, the data structure may store an identification information / 

20 VLAN tag mapping, e.g., an SID / VLAN tag mapping, which operates to map the user to 
the appropriate VLAN of the user's network provider. 

As shown, each of VLAN1, VLAN2 and VLAN3 may be supported in one or 
more Ethernet switches which support tagged VLANs (IEEE 802. lq). In addition, the 
switch may also support IEEE 802. lp, which provides various quality of service (QoS) 

25 metrics. This enables the switches to enforce certain predefined quality of service metrics 
to any given port or virtual port contained within the network. As shown in Figure 3, it is 
also noted that a router may be present on more than one VLAN. As shown, Figure 3 
includes an 802. lq switch which couples to three access points referred to as access point 
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1 (API), access point 2 (AP2), and access point 3 (AP3). As shown, a router labeled 
router C may be coupled to two or more VLANs as shown. 

Using VLANs, each access point 120 preferably has the ability to transmit/receive 
on one or more VLAN IPs to one or more service providers. This permits, but does not 
5 require, that each network provider use its own network numbering plan. At most, each 
network provider may have an access controller and a router at each coverage location. 
As shown in Figure 3, the access controller is not required to be physically located at the 
coverage location, but rather may be located anywhere. 

10 Figure 4 - Network Access using Roaming 

Figure 4 is a flowchart diagram illustrating operation of allowing roaming access 
and/or selective access to a wireless network system. In one embodiment, as described 
above, the PCD 110 includes identification information, preferably comprising a System 
ID, stored in the memory of the PCD 110. The identification information may store 

15 information which identifies one (or more) network providers to which the user of PCD 
110 is a subscriber. 

The network access method of the present invention may be operable to receive 
and use the identification information to facilitate roaming, e.g., to allow a particular 
network provider to be selected and used for a user operating on the network. As 
20 discussed further below, the identification information may also store access level 
information which may be used to indicate a network access or privilege level. This 
stored access level information may be used to selectively allow user access to different 
parts of the network. 

As shown, in step 202 the user connects to the network (e.g., to an access point of 
25 the network). For example, the user may be walking in an airport with a portable 
computing device and may connect in a wireless fashion to an access point located at the 
airport. In another scenario, the user may enter a hotel room and connect in a wireless 
fashion to an Ethernet port in his/her room which is connected to the network. In another 
scenario, the user may enter an office of a business, such as a law firm or corporation, and 
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may connect in a wireless or wired fashion to an access point located in that office. Thus, 
the user may connect to the network or an access point of the network in any of various 
locations in a wireless or wired fashion. 

In step 204 the personal computing device (PCD) 110 of the user transmits 

5 identification information (ID information) to an access point (AP) 120 of the network. 
The identification information may take any of various forms. In one embodiment, the 
identification information comprises a System ID (SID) according to IEEE 802.11. As 
discussed above, IEEE 802.11 (wireless Ethernet) is designed to support multiple 
overlapping wireless LANs in a given coverage area. IEEE 802.11 uses the System ID 

10 (SID) to "select" which LAN to use, and thus which access point with which to associate. 
In this embodiment each System ED may be uniquely associated with a respective 
network provider, and thus the user may configure the System ID on his/her PCD 110 to 
uniquely identify the network provider to which the user has selected or subscribed. 

The identification information may also or instead be a MAC (media access 

15 controller) ED which is comprised on a wireless Ethernet card of the personal computing 
device used by the user. The MAC ID may perform a similar purpose in selecting the 
network provider. As noted above, the identification information may take various 
forms. For example, the identification information may simply comprise the name of the 
respective provider and the appropriate access information, which may be contained in a 

20 digital certificate. The identification information may comprise other types of network 
provider identification as desired. 

In prior art systems, access points are only able to "listen for" one System ID 
which corresponds to one network provider. According to one embodiment of the 
invention, each access point 120 is operable to "listen for" or "detect" a plurality of 

25 different sets of identification information, e.g., a plurality of different System IDs, which 
may correspond to a plurality of different possible network providers, or which may 
correspond to unknown network providers. Thus, each AP may be set up to "listen" for 
all types of identification information, e.g., listen for all SIDs, and to answer all queries 
from PCDs 110, even if the identification information or SID is not recognized by the 
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particular AP 120. Alternatively, each of the access points may be operable to broadcast 
requests for identification information. For example, each of the access points may 
periodically broadcast requests for SIDs. Alternatively, each of the access points may 
periodically broadcast recognized System IDs to the PCDs, i.e., broadcast the sets of 
5 SIDs the access point supports, wherein the PCDs may respond to this broadcast by 
providing the identification information. 

In step 206 the access point 120 to which the user has connected may transmit 
known geographic location information to the network (e.g., to a network provider on the 
network). This known geographic location information may originate from the AP 120 
10 or from the PCD 1 10 of the user. As discussed further below, this known geographic 
location information may be used in various ways. For example, the geographic location 
information may be used in selecting among two or more possible network providers to 
which the user has previously subscribed, or may be used in selecting the default 
provider. 

15 The geographic location information may also be used in determining the network 

services or access privileges of the user, or used in determining charging aspects of the 
use. For example, this known geographic location information may be used to determine 
whether a third party pays for the network access of the user. As one example, an 
employer of the user (employee) may have previously directed that the employer will pay 

20 for network access of the employee if the employee is located in an airport or hotel, but 
not if the employee is located, for example, in a bar. The known geographic location may 
also be used to determine a charge rate, based on various incentive or sponsorship 
programs of which the user is a member. For example, the user may receive a discount if 
he/she uses network access from certain locations, such as a certain business, a certain 

25 airport club, etc. The known geographic location information may also be used to 
selectively provide different access or privilege levels based on the geographic location, 
e.g., a user may have greater privilege/access levels at a first geographic location than 
from a second different geographic location. This known geographic location 
information may further be used to provide services to the user which are dependent upon 
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the geographic location of the user. For more information on the use of geographic 
location information for providing geographic based services, please see U.S. Patent No. 
5,835,061, referenced above. 

In step 212 the network provider may examine the received identification 
5 information, e.g., the System ID, or other identification information and determine 
whether the received identification information is known or recognized. In step 212 the 
method may also determine if other id information is valid. If the identification 
information is determined to not be known, e.g., the System ID is unknown, then in step 
222 the method may perform processing to account for the unknown identification 

10 information. Step 222 may also involve performing processing for an unknown or 
incorrect digital certificate or other unknown information. 

In step 222, where the identification information is determined to not be known or 
recognized, the method may select a default network provider for the user for network 
access. The default network provider may be the provider who maintains the wireless 

1 5 network system being used, or may be a randomly selected provider. In step 223 the user 
may be required to register with this provider to gain network access. This provider may 
then arrange for ad hoc billing of the user, such as by credit card. For example, the 
provider may present a web page on the user's PCD 110 requesting the user to enter 
credit card information for access to the network. Operation then proceeds to step 232. 

20 Also, if the identification information is determined to not be known, the access or 

privilege level of the user may be set to the lowest possible level. This, for example, may 
allow the user to only have access to certain limited local resources, but no external 
access, e.g., to the Internet. Thus, for example, where the APs 120 are located in an 
airport, the user having a low access level, e.g., the user whose identification information 

25 is not known, may be granted access to certain local resources, such as coffee shops, 
bookstores, and advertising on the local LAN at the airport, but may not be provided with 
Internet access. Access to local resources may be allowed since this does not require the 
use of external facilities and hence does not consume off-property bandwidth, and thus is 
relatively inexpensive to provide. Alternatively, if the identification information of a user 
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is determined to not be known, the system may provide some form of external access, 
which may be billed separately by an external Internet provider, without the user being 
able to view or use any local network resources. 

If known identification information is determined to be received in step 212, then 
5 in step 216 the method may determine the network provider which corresponds to the 
identification information (e.g., the System ID). In the preferred embodiment, a data 
structure comprising network provider information is stored in each of the access points 
120. In this embodiment, the respective access point with which the user is 
communicating receives the identification information and uses the identification 

10 information to obtain the appropriate or corresponding network provider to which the 
user of the PCD 1 10 is subscribed. In step 218 the respective access point 120 may also 
access the data structure to determine the appropriate access method or access level for 
providing data or packets to the respective network provider. The respective access point 
120 may instead access this information from a separate data structure stored in MIB 150. 

15 In an alternate embodiment, the PCD 110 of the user may provide all of this 

information to the access point 120. In this embodiment, the data structure containing the 
network provider data and access information may not be required to be stored in the 
access points 120 or on the network. Alternatively, data may be stored on the network 
130, e.g., in the access points 120 or in the MIB 150, which is used only to validate this 

20 information received from the user. 

As discussed above, the data structure is preferably a table comprising a plurality 
of three-tuples wherein each tuple stores a set of identification information, the 
corresponding network provider associated with that identification information, and 
access information associated with that network provider and/or the user. An example of 

25 this data structure is shown in Figure 5. The data structure shown in Figure 5 includes 
five different sets of three-tuples. It is noted that the data structure may take any of 
various forms. 

The access information may include an access method, possibly including a 
destination address or other method by which data packets are routed to/from the 
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respective site of the network provider or other method which directs that network access 
be provided by that network provider. The access information may also include an access 
level or privilege level that indicates which network resources that the user may access, 
e.g., whether the user is only allowed access to resources on the local network 130, or is 
5 only or in addition allowed external access, such as Internet access. 

Thus, when the access point 120 receives the identification information, the 
access point may simply use the identification information to index into a table 
containing this information to determine the appropriate network provider and the 
respective access method and/or access level. 

10 It is noted that each of steps 212, 216 and 218, and 222 may be performed as one 

action or a series of related actions. In other words, when the access point 120 receives 
the identification information, if the identification information does not index into any of 
the entries in the data structure or table, then the identification information or System ID 
is determined to be unknown or not associated with a respective network provider as 

1 5 determined in step 212. In this case, the default provider and default access level may be 
selected as performed in step 222. If the identification information does index properly 
into an entry of the table, but the corresponding network provider does not have the 
necessary equipment to accommodate the user, then this may also be treated as unknown 
identification information, where another provider or the default provider may be selected 

20 as performed in step 222. 

If the identification information properly indexes into the table, then in steps 216 
and 218 information from the respective entry of the table is accessed and used to 
determine a corresponding network provider which can accommodate the user's network 
access, as well as the associated method and access level for providing network access 

25 using the network provider. 

After the network provider and associated access method / level have been 
determined in each of steps 216 and 218, then in step 232 network access or network 
services may be provided to the portable computing device 110 through the determined 
network provider. For example, in step 232 the access point 120 to which the user is 
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communicating may operate to provide data to/from a destination specified by the 
determined network provider using the method specified by the determined network 
provider, e.g., the method comprised in the table or data structure. In one embodiment, 
the access point 120 may operate simply as a bridge or router which operates to forward 
5 or route packets to the appropriate destination, e.g., to the network provider's network 
device 160 or to the provider's site. As noted above, the network provider may provide a 
network device 160 such as a router, which operates to route packets to the provider's site 
or otherwise simply allow Internet access to the user. Thus in step 232 the method allows 
the personal computing device of the user access to the network using the user's provider. 

10 In another embodiment, the access point 120 itself operates as a router to route 

packets to the determined network provider's site, which may be located on the Internet. 
Thus, in this embodiment, the network provider may not be required to provide any type 
of network device 160 to enable network access for its respective subscribers. Rather, 
data packets from the PCD 110 of the user may be routed to the network provider's site 

15 on the Internet, which may be located in any location. 

In step 232 data is communicated between the PCD 110 and the respective 
destination specified by the network provider preferably using a secured technique. 
Examples of possible secured techniques include Layer 2 forwarding; various tunneling 
protocols such as PPTP, IPSEC, GRE, and IP-in-IP; and tagged VLANs (IEEE 802.1q), 

20 among others. 

In one embodiment, in step 232 the access point 120 operates to direct PCDs 110 
to an available communication channel, e.g., an available RF channel or other wireless 
channel, possibly based on information received from the PCD 110. Thus the access 
point 120, not the PCD 110, may assign channels for communication. For example, the 
25 an access point 120 may operate to direct a PCD 110 to an available communication 
channel (e.g., an RF channel) based on the identification information, e.g., the SID, 
received from the PCD 110. The access point 120 may also operate to direct the PCD 
110 to an available communication channel based on other types of identification or 
authentication information, or on the determined access level of the PCD. This allows an 
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access point 120 to separate the communication traffic onto different channels based on 
the network provider being used, or based on the access or privilege level of the PCD 
110. For example, the access point 120 may assign a PCD 110 a communication channel 
based on whether the PCD 110 has access to private portions of the network. 
5 In step 234 the selected network provider may record charges for the network 

access. In one embodiment, each of the network provider's respective devices 160 may 
maintain separate charge/billing information for each of their respective subscribers. 
Thus, the network device 160 of the selected network provider may record charges for the 
network access of the user. Alternatively, a computer system coupled to the network 130, 

10 such as the MIB 150, or another computer system, may receive information from the 
wireless access point 120 as to the determined network provider, and the computer 
system may maintain billing/charging information for each of a subset or all of the 
network providers. In one embodiment, billing information for the user may be stored on 
the PCD 1 10 and may be provided to the AP 120. 

15 As noted above, network charging information may also be based on known 

geographic information, as well as, for example, sponsorship or demographic information 
of the user, which may be provided to the access point in a digital certificate. 

As noted above, the data structure or table containing network provider 
information may be stored in each of the access points 120. Alternatively, the data 

20 structure may be stored in a separate computer system, such as the MIB 150. In this latter 
instance, each of the access points 120 may operate to forward the identification 
information to the MIB or other computer system 150, and this computer system 
performs steps 212, 216 and 218 of determining the appropriate network provider and 
corresponding access method, or selecting the default provider. Once the network 

25 provider and access method have been determined in this embodiment, this information 
may be forwarded to the respective access point 120 for proper routing, or the respective 
access point 120 may forward data received from the PCD 110 of the user to the MIB 150 
or an associated router for proper routing to the respective network provider's device 160 
or to the appropriate site on the Internet. 

Atty. Dkt No.: 5285-04800 Page 24 Conley, Rose & Tayon, P.C. 



Thus, in step 232 the PCD 110 of the user is allowed to obtain network access 
through his previously chosen network provider, i.e., through the network provider to 
which the user has previously subscribed. As noted above, the network provider, may 
operate to maintain billing/charging information through its equipment 160, at its site, or 
5 through a shared resource such as MIB 150. As also noted above, the billing information 
may be stored on the PCD 110 of the user, e.g., in the user's digital certificate. In this 
case, if the AP 120 answers the query of the PCD 110 and allows access after confirming 
the identification information, the system allow for roaming and billing. This effectively 
allows users to roam on various network infrastructures, e.g., allows a user who is a 

10 subscriber of network provider A to roam on a network infrastructure operated and 
maintained by network provider B. Alternatively, certain portions of the network 
infrastructure may be built and maintained by a third party who is not a network provider, 
and subscribers of each of the various network providers may be able to roam onto this 
network, perhaps with a small fee being paid to the manager of the network infrastructure 

15 in addition to the fee normally paid to the network provider for network access. Further, 
users who have never previously subscribed to a network provider may be allowed to 
communicate with an AP 120 and select a network provider, or be assigned the default 
network provider, for access. 

20 Different Access Levels 

As noted above, in one embodiment, the data structure or table may store one or 
more different access methods depending upon an access level received within the 
identification information. Thus, referring back to Figure 1, the network 130 may 
provide certain local network resources as well as external Internet access which may be 

25 both available to users having a first access level. Users with a second lower access level 
may not be entitled to external access, but may be simply able to view or utilize certain 
local network resources on network 130. Users may also be selectively allowed to make 
802.1 1 voice calls using the network, depending on access level. 



Atty. Dkt No.: 5285-04800 



Page 25 



Conley, Rose & Tayon, P.C. 



For example, in an airport scenario, a non-recognized user, or a user paying a 
lower fee, may have an access/privilege level that only allows him/her local content such 
as various airport advertising, airport information such as the layout of the airport, 
including where the restroom, restaurants, etc. are located, flight information, etc., but 
5 does not allow the non-recognized user external access, e.g., access to the Internet. A 
non-recognized user would of course also not have any access to private corporate LAN's 
maintained on this network, such as the corporate LANs of airlines located at the airport. 

If the wireless network system provides a mechanism for the user to register or 
subscribe to a network provider, then the user may do so and receive Internet access 
10 through that selected provider. As another alternative, the network system may provide a 
mechanism for the user to register or subscribe to an external network provider, e.g., and 
external ISP, perhaps with a small referral fee paid to the maintainer of the network 
system. 

Alternatively, the network 130 may provide various local resources as well as 
15 external Internet access which are both available to users having a first access level, and 
users with a second access level may not be entitled to view or utilize these local network 
resources on network 130, but may be simply provided some form of external access, 
such as external telephone access using VoIP or possibly a pathway to the Internet. 

For example, where the network 130 and one or more wireless access points 120 
20 are comprised in an airport, one or more airlines may maintain various computing 
resources on the local network 130 which are usable solely by airline employees and 
personnel. In this embodiment, PCDs 110 of airline employees may comprise 
identification information which indicates an access level that allows them access to the 
various computing resources on the network 130. Thus, employees of a first airline such 
25 as American Airlines may have first access level information stored on their PCD 110 
that entitles them to utilize certain American Airline computing resources on the network 
130, whereas employees of Delta Airlines may have second different access level 
information stored on their PCD 110 which enables use of only Delta Airlines computing 
resources located on the network 130 etc. For those users who are not airline employees 
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or personnel, these users may have access information stored on their PCD 110 which 
only allows them external access toward the Internet and use of certain non-private local 
resources, but does not allow them to view or use any of the private computing resources 
on the network 130. Thus, PCDs 1 10 of users may store various access level information 
5 comprised within the identification information which selectively allows access to certain 
resources on the local network 130. This effectively allows private and public portions of 
the network 130. 

As another example, consider an office, such as a law firm office or business 
which maintains one or more wireless or wired access points 120. Employees of the 

10 office may have first access level information (possibly of varying degrees) stored on 
their PCD 110 which enables them access to selected resources or all resources on this 
network 130. However, visitors to this office which do not have this privilege or access 
level may be detected by a wireless or wired access point and not be allowed to view or 
use any of the resources on the local network 130, but rather may simply be provided a 

15 port for complementary (or billable) external access to the Internet. Thus, a visitor or 
customer of the business who is physically present in the office and desires Internet 
access may utilize his PCD 1 10 to gain access to the Internet through the local network of 
the office 130, without the visitor or customer being able to view any of the computing 
resources, file servers, etc. of that local network 130. In addition, if the user's corporate 

20 intranet is web-based, the user may be allowed access to his own LAN computing 
resources remotely. This allows businesses to provide customers and visitors with 
Internet access through its network 130 without compromising the security of the 
network 130. 

As noted above, in one embodiment, the known geographic location information 
25 may also be used to selectively provide different access or privilege levels based on the 
geographic location, e.g., a user may have greater privilege/access levels at a first 
geographic location than from a second different geographic location. For example, 
where the network 130 and one or more wireless access points 120 are comprised in an 
airport, a user may have a greater access level and hence access to more network 
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resources from, for example, an airline club such as an Admiral's club, and the same user 
may have a lesser access level and hence access to fewer network resources from an 
airline gate. Thus the access level of a user may be based at least partly on the 
geographic location of the user. This may possibly based on various agreements 
5 negotiated by service providers to "reward" users who are present at their geographic 
location, in a similar manner to which the network charge rate may also be based on the 
geographic location of the user. 

Thus, in step 218, where the method determines an access method for the network 
provider, the method may also determine one or more access levels or privilege levels 

10 contained within the identification information to determine whether the should be 
provided with Internet access or should only have access to local resources on the 
network. The method may also determine the known geographic location of the user to 
aid in determining the access level as described above. 

In step 232 the access point 120 or MIB 150 or other device operates to provide or 

15 route data depending upon this access level. Thus, users with the appropriate access level 
may have Internet access as well as be able to view and use resources on the network 130, 
while users lacking this necessary access level may simply be provided with certain local 
network resources and not have any Internet access. Alternatively, users having a lower 
access or privilege level may be provided some form of external access, such as local 

20 telephone access using VoIP, 802.11 voice calls, or possibly complementary Internet 
access, without being able to view or use certain private network resources. 

Figure 6 illustrates one exemplary embodiment, where a PCD 1 1 OA of a first user 
comprises identification information having an access level which indicates that the user 
has access only to the computing resources on the local network 130. In this instance, 

25 once this access level has been verified as determined by a lookup in the table or data 
structure, data or packets from the PCD 11 OA may be routed to various computing 
resources on the local network as shown by the arrows designated "1". In contrast, PCD 
HOB of a second user comprises identification information which includes a greater 
access level which encompasses accessing local resources on network 130 as well as 
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Internet access. In this instance, in addition to local network access, data or packets may 
also be routed from the PCD HOB through the access point 120 and directly out to an 
external access port for Internet access. Thus, the user who does not have the appropriate 
access or privilege level is able to view or use any computing resources on the network 
5 130, but cannot gain Internet access through the network 130. As noted above, the 
system can also be configured whereby the user who does not have the appropriate access 
or privilege level is only allowed Internet access, and users with higher privilege levels 
are able to view or use computing resources on the network 130. 

10 Thus, the present invention enables two or more network providers to utilize a 

common set of wireless or wired access points to provide their respective services to a 
potentially overlapping set of customers. This allows use of a single network 
infrastructure, which minimally impacts the wireless spectrum available at a location 
while allowing the maximum possible number of network providers to offer their 

15 network access services. In addition, the system and method described herein allows 
subscribers of a network provider A to be able to use the network access service provided 
by network provider B in a location otherwise not serviced by provider A without 
necessarily providing any relationship with provider B and vice versa. This allows a 
confederation of network providers to offer network access to a larger footprint of 

20 locations, which offers more value to each of their respective subscribers. 

The system may thus allow network access from multiple different providers. For 
example, one communication service may be referred to as a Wayport network (Wayport 
is a Registered Trademark of Wayport, Inc. of Austin, Texas). A Wayport network may 
be compatible with other types of similar networks maintained by other companies. For 

25 example, if Wayport networks are installed in the Austin-Bergstrom International airport 
and similar 'XYZ' networks are installed in a hotel in downtown Austin, a user that has 
subscribed to Wayport networks may be able to use the services offered at the downtown 
hotel by XYZ. More specifically, a user that has registered with a Wayport network (e.g., 
has entered demographic data and agreed to pay transaction costs) may not need to 
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register with XYZ. The user may use other network providers (e.g., XYZ networks) and 
still only be billed from one company (e.g., the provider of the Wayport network with 
which the user is registered). This may be accomplished through agreements established 
between different network providers. 
5 For example, a Wayport network-registered user attempts to connect to a XYZ 

network in the downtown hotel. In the embodiment described herein, the access point 120 
maintained by the XYZ network still answers or communicates with the PCD 110, even 
though the PCD 110 provides identification information that is different from, and 
possibly not even recognized by, the access point 120. In this example, assume the XYZ 

10 network notices from the PCD ID information that the user is not registered on the XYZ 
network, but is registered on the WAYPORT network. The XYZ network may perform a 
verification of the PCD ID by querying a database of registered PCD IDs on the 
WAYPORT network. The XYZ network may acquire demographic information on the 
credentials of the user. If the credentials of a user are not acceptable, access to the XYZ 

15 network may be denied. If the credentials are acceptable, the XYZ network may grant 
the user access to various goods, information and/or service providers. The XYZ 
network may inform the user (via a message on the user's PCD) that there is an additional 
cost for accessing the XYZ network as a non-registered user. The user may then have the 
choice of paying the additional fees for the services or disconnecting. In addition, the 

20 user may have the option of registering with the XYZ network to avoid paying 'roaming' 
fees. 

Wireless AP Usage of Multiple Channels 

A wireless access point 120 can use one of a plurality of different RF (radio 
25 frequency) channels for communication with portable computing devices of users. For 
example, a wireless access point 120 can use one of RF channels 1 through 11. As is well 
known, RF channels 1, 6 and 11 are non-overlapping, with the remainder of these 
channels being partially overlapping with other channels. 
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According to one embodiment of the present invention, each wireless access point 
can communicate on one or more, e.g. a plurality of or all of, the available wireless 
channels, e.g., the available RF channels. Furthermore, each access point 120 can control 
which channel the portable computing device 110 of a client is able to use. In one 
5 embodiment, each portable computing device may scan each of the RF channels until it 
detects a wireless access point 120 at one of the channels. 

In one embodiment, one or more of the wireless access points may each utilize a 
plurality of the RF channels, e.g., may use each of the non-overlapping channels 1, 6 and 
1 1 to effectively provide up to three times the channel capacity. Thus, the wireless access 

10 point 120 may be able to control allocations of a plurality or all of the respective RF 
channels to selectively obtain higher bandwidth when appropriate, or to simply 
accommodate a greater number of subscribers. Thus, if a wireless access point using only 
one RF channel could only handle fifty PCD's 110 on that respective channel, the 
wireless access point may operate to use all three non-overlapping RF channels to 

1 5 effectively triple this capacity to a total of 1 50 simultaneous PCD's 110. 

As another example, if the wireless access point 120 is only communicating with 
one portable computing device 110, then the wireless access point 120 may optionally or 
selectively use each of the three non-overlapping RF channels to produce effectively 
three times the bandwidth for this communication. As additional portable computer 

20 devices come into communication with the respective wireless access point, 120, the 
wireless access point 120 may selectively allocate different channels to different ones of 
these PCD's as needed. Further, if more than three PCD's are communicating with the 
respective wireless access point, the wireless access point 120 may partition one or more 
of the respective channels for the respective users, such as using wireless Ethernet 

25 Collision Sense Multiple Access/Collision Detection (CSMA/CD) or other multiple 
access schemes such as TDM A, FDMA, or CDMA, among others. 

In one embodiment, as described above with respect to step 232, the access point 
120 operates to direct PCDs 110 to an available channel, possibly based on information 
received from the PCD 110. Thus the access point 120, not the PCD 110, may assign 
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channels for communication. For example, the an access point 120 may operate to direct 
a PCD 110 to an available communication channel (e.g., an RF channel) based on the 
identification information, e.g., the SID, received from the PCD 110. The access point 
120 may also operate to direct the PCD 1 10 to an available communication channel based 

5 on other types of identification or authentication information, or on the determined access 
level of the PCD. This allows an access point 120 to separate the communication traffic 
onto different channels based on the network provider being used, or based on the access 
or privilege level of the PCD 110. For example, the access point 120 may assign a PCD 
110 a communication channel based on whether the PCD 110 has access to private 

1 0 portions of the network. 

While the present invention has been described with reference to particular 
embodiments, it will be understood that the embodiments are illustrative and that the 
invention scope is not so limited. Any variations, modifications, additions, and 
15 improvements to the embodiments described are possible. These variations, 
modifications, additions, and improvements may fall within the scope of the inventions as 
detailed within the following claims. 
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WHAT IS CLAIMED IS: 



1. A method for providing access to a network system, wherein the network 
system includes a plurality of access points coupled to a network, the method comprising: 

5 a first access point receiving identification information from a portable computing 

device, wherein the identification information indicates a network provider of a plurality 
of possible network providers; 

determining the network provider for the portable computing device after 
receiving the identification information; 
10 the first access point receiving data from the portable computing device; 

providing network access to the portable computing device through the network 
provider determined in said determining. 

2. The method of claim 1, wherein said providing network access comprises 
15 providing the data received from the portable computing device to a destination based on 

the determined network provider. 

3. The method of claim 1, wherein the network system is useable by 
subscribers of each of the plurality of possible network providers. 

20 

4. The method of claim 1, further comprising: 

maintaining and storing a usage amount by the portable computing device; 
wherein the determined network provider charges for access by the portable 
computing device to the network. 

25 

5. The method of claim 1, wherein the network system includes a memory 
medium which stores a data structure comprising a list of identification information and a 
corresponding list of the plurality of possible network providers; 
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wherein said determining the network provider for the portable computing device 
includes accessing the memory medium and using the received identification information 
to determine the network provider. 

5 6. The method of claim 1, wherein the network system includes a memory 

medium which stores a data structure comprising a list of identification information, a 
corresponding list of the plurality of possible network providers, and associated methods 
for providing data to the respective plurality of possible network providers; 

wherein said determining the network provider for the portable computing device 

10 includes accessing the memory medium, using the received identification information to 
determine the network provider, and using an associated method for providing the data to 
the network provider. 

7. The method of claim 6, wherein the data structure stores a destination 
15 address indicating a destination specified by the network provider; 

wherein said providing the data comprises providing the data to the destination 
specified by the network provider. 

8. The method of claim 1, wherein the plurality of access points are 
20 maintained by a first network provider; 

wherein the identification information indicates a second network provider. 

9. The method of claim 1, wherein the identification information comprises a 
System ID of the portable computing device, wherein the System ID uniquely identifies 

25 the network provider of the plurality of possible network providers. 

1 0. The method of claim 1 , further comprising: 
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the first access point receiving identification information from a portable 
computing device, wherein the identification information indicates a first network 
provider of the plurality of possible network providers; 

determining the first network provider for the portable computing device after 
5 receiving the identification information; 

the first access point receiving data from the portable computing device; 

providing the data received from the portable computing device to a destination 
associated with the first network provider; 

the first access point receiving identification information from a portable 
10 computing device, wherein the identification information indicates a second network 
provider of the plurality of possible network providers; 

determining the second network provider for the portable computing device after 
receiving the identification information; 

the first access point receiving data from the portable computing device; and 
15 providing the data received from the portable computing device to a destination 

associated with the second network provider. 

1 1 . The method of claim 1 , 

wherein the plurality of access points are arranged at known locations in a 
20 geographic region, the method further comprising: 

the first access point providing geographic location information indicating a 
known geographic location of the portable computing device; 

wherein said providing network access comprises selectively providing network 
access to the portable computing device based on the known geographic location of the 
25 portable computing device. 

1 2 . The method of claim 1 , further comprising: 

determining an access level for the portable computing device after receiving the 
identification information; 
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the first access point receiving data from the portable computing device; and 
providing the data received from the portable computing device to a destination 
based on the determined access level. 



5 13. The method of claim 12, wherein said providing the data comprises: 

providing the data to one or more resources on the network to allow the portable 
computing device access to the one or more resources on the network if the access level is 
a first access level; 

providing the data to a destination for external access out of the network to only 
10 allow the portable computing device access to other networks if the access level is a 
second access level; 

wherein, if the access level is the second access level, the data is not provided to 
the one or more resources on the network. 

15 14. The method of claim 1, wherein the first access point communicates with 

the portable computing device in a wireless fashion. 

15. The method of claim 14, further comprising: 

assigning a wireless communication channel for communication between the first 
20 access point and the portable computing device. 

16. The method of claim 15, wherein the first access point assigns the wireless 
communication channel for communication between the first access point and the 
portable computing device. 

25 

17. The method of claim 15, wherein said assigning comprises assigning the 
wireless communication channel based on the identification information received from 
the portable computing device. 
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18. The method of claim 15, wherein said assigning comprises assigning the 
wireless communication channel based on the determined network provider. 



19. The method of claim 14, further comprising: 
5 determining an access level for the portable computing device after receiving the 

identification information; and 

assigning a wireless communication channel for communication between the first 
access point and the portable computing device based on the determined access level. 

10 20. The method of claim 1, wherein the first access point communicates with 

the portable computing device in a wired fashion. 



15 21. A network system, comprising: 

a network; 

a plurality of access points coupled to the network, wherein each of the plurality 
of access points is operable to communicate with a portable computing device, wherein 
each of the plurality of access points is configured to receive identification information 
20 from the portable computing device indicating a network provider of a plurality of 
possible network providers; 

wherein each of the plurality of access points is operable to determine the network 
provider indicated in the identification information; 

wherein network access is provided to the portable computing device through the 
25 determined network provider. 

22. The network system of claim 21, wherein each of the plurality of access 
points is operable to provide data received from the portable computing device to a 
destination based on the determined network provider. 
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23. The network system of claim 21, wherein the network system is useable 
by subscribers of each of the plurality of possible network providers. 

5 24. The network system of claim 2 1 , wherein the determined network provider 

charges for access by the portable computing device to the network. 

25. The network system of claim 21, further comprising: 

a memory medium coupled to the network which stores a data structure 
10 comprising a list of identification information and a corresponding list of the plurality of 
possible network providers; 

wherein, in determining the network provider for the portable computing device, 
each of the plurality of access points is operable to access the memory medium and use 
the received identification information to determine the network provider. 

15 

26. The network system of claim 25, wherein the memory medium is 
comprised in one or more of the access points. 

27. The network system of claim 21 , further comprising: 

20 a memory medium coupled to the network which stores a data structure 

comprising a list of network provider identification information, a corresponding list of 
the plurality of possible network providers, and associated methods for providing data to 
the respective plurality of possible network providers; 

wherein, in determining the network provider for the portable computing device, 

25 each of the plurality of access points is operable to access the memory medium, use the 
received network provider identification information to determine the network provider, 
and use an associated method for providing the data to the determined network provider. 
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28. The network system of claim 27, wherein the memory medium is 
comprised in one or more of the access points. 

29. The network system of claim 27, 

5 wherein the data structure stores a destination address indicating a destination 

specified by the determined network provider; 

wherein each of the plurality of access points is operable to provide the data to the 
destination specified by the determined network provider. 

10 30. The network system of claim 21, wherein the plurality of access points are 

maintained by a first network provider; 

wherein the identification information indicates a second network provider. 

31. The network system of claim 21, wherein the identification information 
15 comprises a System ID of the portable computing device, wherein the System ID 

uniquely identifies a network provider of the plurality of possible network providers. 

32. The network system of claim 2 1 , further comprising: 

a portable computing device operated by a user, wherein the portable computing 
20 device includes the identification information, wherein the identification information 
indicates a first network provider of the plurality of network providers; 

wherein, when a first access point of the plurality of access points receives the 
identification information from the portable computing device, the first access point is 
operable to determine the first network provider; 
25 wherein the first access point is operable to provide data received from the 

portable computing device according to the first network provider. 

33. The network system of claim 21, further comprising: 
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one or more network devices coupled to the network, wherein each of the one or 
more network devices corresponds to one of the plurality of possible network providers. 

wherein each of the plurality of access points is operable to provide data received 
from the portable computing device to a network device corresponding to the determined 
5 network provider. 

34. The network system of claim 21, wherein each of the plurality of access 
points is operable to provide the data to the destination in a secure manner. 

10 35. The network system of claim 21, wherein the plurality of access points are 

arranged at known locations in a geographic region, wherein each access point is operable 
to provide geographic location information indicating a known geographic location of the 
portable computing device; 

wherein network access is selectively provided to the portable computing device 

15 based on the known geographic location of the portable computing device. 

36. The network system of claim 21, wherein one or more of the plurality of 
access points are operable to: 

determine an access level for the portable computing device after receiving the 
20 identification information; and 

provide data received from the portable computing device to a destination based 

on the determined access level. 

37. The network system of claim 36, wherein, in providing the data, said one 
25 or more of the plurality of access points are operable to: 

provide the data to one or more resources on the network to allow the portable 
computing device access to the one or more resources on the network if the access level is 
a first access level; 
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provide the data to a destination for external access out of the network to only 
allow the portable computing device access to other networks if the access level is a 
second access level; 

wherein, if the access level is the second access level, the data is not provided to 
5 the one or more resources on the network. 

38. The network system of claim 21, wherein at least a subset of the plurality 
of access points are wireless access points operable to communicate with the portable 
computing device in a wireless fashion. 

10 

39. The network system of claim 38, wherein each of the wireless access 
points is operable to assign a wireless communication channel for communication 
between the first access point and the portable computing device. 

15 40, The network system of claim 39, wherein one or more of the wireless 

access points are operable to assign the wireless communication channel based on the 
identification information received from the portable computing device. 

41. The network system of claim 39, wherein one or more of the wireless 
20 access points is operable to assign the wireless communication channel based on the 

determined network provider. 

42. The network system of claim 38, further comprising: 

wherein one or more of the wireless access points are operable to determine an 
25 access level for the portable computing device after receiving the identification 
information; and 

wherein said one or more of the wireless access points are operable to assign a 
wireless communication channel for communication between the first access point and 
the portable computing device based on the determined access level. 
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43. The network system of claim 21 , wherein at least a subset of the plurality 
of access points are operable to communicate with the portable computing device in a 
wired fashion. 

5 

44. A method for providing roaming features on a wireless network system, 
wherein the wireless network system includes a plurality of access points coupled to a 
network, the method comprising: 

10 a first access point receiving identification information from a portable computing 

device in a wireless manner, wherein the identification information indicates a network 

provider of a plurality of possible network providers; 

determining a network provider for the portable computing device after receiving 

the identification information; 
15 the first access point receiving data from the portable computing device in a 

wireless manner; 

providing the data received from the portable computing device to a destination 
based on the determined network provider. 

20 45. The method of claim 44, wherein the wireless network system is a 

distributed wireless network system. 

46. A method for providing access to a wireless network system, wherein the 
wireless network system includes a plurality of access points coupled to a network, the 
25 method comprising : 

a first access point receiving identification information from a portable computing 
device in a wireless manner, wherein the identification information indicates a network 
provider of a plurality of possible network providers; 
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determining a network provider for the portable computing device after receiving 
the identification information; 

the first access point receiving data from the portable computing device in a 
wireless manner; 

5 providing network access to the portable computing device through the 

determined network provider. 

4£S A method for providing selective access to network resources m a 
distributed wireless network system, wherein the wireless network system includes a 
10 plurality of access points coupled to a network, the method comprising: 

a first access point receiving identification information from a portable computing 

device; 

determining an access level for the portable computing device after receiving the 
identification information; 
15 the first access point receiving data from the portable computing device; and 

providing the data received from the portable computing device to a destination 
based on the determined access level 

42r The method of claim 46, wherein said providing the data comprises: 
20 providing the data to one or more resources on the network to allow the portable 

computing device access to the one or more resources on the network if the access level is 
a first access level; 

providing the data to a destination for external access out of the network to only 
allow the portable computing device access to other networks if the access level is a 
25 second access level; 

wherein, if the access level is the second access level, the data is not provided to 
the one or more resources on the network. 
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ABSTRACT OF THE DISCLOSURE 



A system and method for providing access and/or roaming features on a network 

5 system. The network system includes a plurality of wireless and/or wired access points 
coupled to a network. Access points (APs) for the network may be widely distributed in 
various facilities, such as airports, mass-transit stations, and various businesses. The 
network may couple to a wide area network, such as the Internet. In one embodiment, a 
portable computing device (PCD) of a user may store identification information which 

10 uniquely indicates a network provider of a plurality of possible network providers. The 
identification information may also or instead indicate an access or privilege level of the 
user. Each of the access points are operable to "listen for" or detect identification 
information associated with numerous different providers. When the access point 
receives the identification information from a PCD of a user, the access point may 

15 determine the appropriate network provider for the portable computing device using the 
identification information. Network access may then be provided to the portable 
computing device through the determined network provider. Thus the network system is 
useable by subscribers of each of the plurality of possible network providers, thereby 
enabling subscribers to "roam" on various wireless networks, including networks 

20 maintained by other providers. The access information may also include an access level 
which indicates the user's access or privilege level. Thus, the local network may provide 
various local resources which are available to users having a first access level, and users 
with a second access level may not be entitled to view or utilize these network resources 
on the network, but may be simply provided external Internet access. 

25 
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